Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,467 vulnerabilities with CWE-20

CVE-2022-20784 MEDIUM

Cisco AsyncOS Software - Auth Bypass

CVE-2022-1243 MEDIUM

uri.js < 1.19.11 - Cross-Site Scripting via CRHTLF Protocol Extraction

CVE-2022-22311 MEDIUM

IBM Security Verify Access - Info Disclosure

CVE-2022-24299 HIGH

pfSense CE <2.6.0, pfSense Plus <22.01 - RCE

CVE-2022-25757 CRITICAL

Apache APISIX < 2.13.0 - Request Body Validation Bypass via Duplicate JSON Keys

CVE-2022-21820 MEDIUM

NVIDIA Data Center GPU Manager < 2.3.5 - Remote Memory Corruption in nvhostengine

CVE-2022-0551 HIGH

Nozomi Networks <22.0.0 - Code Injection

CVE-2022-0550 HIGH

Nozomi Networks Guardian <22.0.0 - RCE

CVE-2022-27228 CRITICAL

Bitrix Site Manager < 21.0.100 - Unauthenticated Remote Code Execution in Vote Module

CVE-2022-24774 HIGH

CycloneDX BOM Repository Server < 2.0.1 - Path Traversal and Denial of Service via Directory Manipulation

CVE-2022-24775 HIGH

Drupal < 9.2.16 - Improper Input Validation

CVE-2022-0415 HIGH

Gogs < 0.12.6 - Remote Code Execution via Repository File Upload

CVE-2022-22588 MEDIUM

iPadOS < 15.2.1 - Denial of Service via Maliciously Crafted HomeKit Accessory Name

CVE-2022-25839 MEDIUM

url-js < 2.1.0 - Hostname Spoofing via Improper Input Validation

CVE-2022-26100 CRITICAL

SAPCAR 7.22 - Denial of Service and Privilege Escalation via Archive Input Validation

CVE-2022-25818 MEDIUM

Android UWB Stack - Remote Code Execution via Improper Boundary Check

CVE-2022-26336 MEDIUM

Apache POI <5.2.0 - Memory Corruption

CVE-2022-24723 MEDIUM

URI.js <1.19.9 - URL Parsing Confusion via Leading Whitespace

CVE-2022-0675 MEDIUM

Puppet Firewall <= 3.4.0 - Unmanaged Rule Persistence

CVE-2022-24720 CRITICAL

image_processing <1.12.2 - Command Injection

CVE-2022-24711 CRITICAL

CodeIgniter4 <4.1.9 - CLI Route Execution via HTTP Request

CVE-2022-20624 HIGH

Cisco NX-OS - Unauthenticated Denial of Service via CFSoIP Packet Handling

CVE-2022-20750 MEDIUM

Cisco Redundancy Configuration Manager < 21.24.0 - Unauthenticated Denial of Service via Malformed TCP Packet

CVE-2022-25271 HIGH

Drupal 7.0.0-7.87 and 9.3.0-9.3.5 - Improper Input Validation in Form API

CVE-2022-24086 CRITICAL KEV

Adobe Commerce <2.4.3-p1, <2.3.7-p2 - RCE

Previous Page 138 of 499 Next

Details

Vulnerabilities 12,467

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy